Research on LLM adversarial robustness has long suffered from misaligned objectives and the absence of standardized evaluation criteria, resulting in numerous defense methods that are irreproducible and easily broken. Method: This paper introduces cybersecurity threat taxonomy into the LLM adversarial alignment domain—the first such effort—and proposes a paradigm shift centered on “decoupling subproblems + restoring the tripartite verifiability principle” (i.e., measurability, reproducibility, and comparability). It systematically establishes a threat-modeling–based analytical framework, a rigorous robustness evaluation methodology, and a standardized benchmarking protocol. Contribution/Results: The work clarifies fundamental distinctions between emerging LLM-specific threats and classical adversarial threats. It delivers the field’s first sustainable, empirically verifiable, and cross-method comparable research benchmark and evaluation consensus—enabling principled progress in LLM robustness research.

Misaligned research objectives have considerably hindered progress in adversarial robustness research over the past decade. For instance, an extensive focus on optimizing target metrics, while neglecting rigorous standardized evaluation, has led researchers to pursue ad-hoc heuristic defenses that were seemingly effective. Yet, most of these were exposed as flawed by subsequent evaluations, ultimately contributing little measurable progress to the field. In this position paper, we illustrate that current research on the robustness of large language models (LLMs) risks repeating past patterns with potentially worsened real-world implications. To address this, we argue that realigned objectives are necessary for meaningful progress in adversarial alignment. To this end, we build on established cybersecurity taxonomy to formally define differences between past and emerging threat models that apply to LLMs. Using this framework, we illustrate that progress requires disentangling adversarial alignment into addressable sub-problems and returning to core academic principles, such as measureability, reproducibility, and comparability. Although the field presents significant challenges, the fresh start on adversarial robustness offers the unique opportunity to build on past experience while avoiding previous mistakes.